Introduce SandboxSmall (standard-2) Durable Object for per-session
container isolation. Sessions for orgs in PER_SESSION_SANDBOX_ORG_IDS
get a dedicated ses-{hash} sandbox routed to SandboxSmall; all other
sessions continue using the shared Sandbox namespace.
- Add generatePerSessionSandboxId, isPerSessionSandboxOrg, getSandboxNamespace
- Store sandboxId in session metadata; fall back to generateSandboxId for legacy sessions
- Expand SandboxId type to cover hash-based prefixes (org-, usr-, bot-, ubt-, ses-)
- Replace schema transform heuristic with regex validation
- Add wrangler bindings and migrations for SandboxSmall DO
- Add unit and integration tests for new routing logic
Code Review Summary
Status: No Issues Found | Recommendation: Merge
Files Reviewed (15 files)
Reviewed by gpt-5.4-20260305 · 2,296,046 tokens
…ession-service paths Hoist sandboxId computation before prepare() in the initiate branch so it gets stored in DO metadata. Add sandboxId to saveSessionMetadata() so sessions created via SessionService also persist it. Fix wildcard '*' matching in generateSandboxId to work even when orgId is undefined.
jeanduplessis approved these changes on Mar 17, 2026
Summary

Add per-session sandbox isolation for designated organizations. Sessions for orgs in a hardcoded allowlist (`PER_SESSION_SANDBOX_ORG_IDS`) receive a dedicated `SandboxSmall` (standard-2 instance type) container via a new `ses-{hash}` sandbox ID format, while all other sessions continue using the shared `Sandbox` container.

Key architectural changes:
- `SandboxSmall` Durable Object class (re-exports `Sandbox` from `@cloudflare/sandbox`) with `standard-2` instance type and separate wrangler bindings/migrations
- `getSandboxNamespace(env, sandboxId)` routing layer inserted at every `getSandbox()` call site — routes `ses-*` IDs to `env.SandboxSmall`, everything else to `env.Sandbox`
- `sandboxId` is now persisted in session metadata so resumed/cold-start sessions use the correct namespace without re-deriving
- `generateSandboxId()` for sessions that predate `sandboxId` storage ensures full backward compatibility
- `SandboxId` type expanded to explicitly cover all generated formats (`org-`, `usr-`, `bot-`, `ubt-`, `ses-`, plus legacy `__`-delimited)
- `.refine()` instead of heuristic `.transform()` with mistyped `as` casts

Verification
- `pnpm run typecheck` — passed (tsgo + wrapper tsc)
- `pnpm run test` — 662/662 tests passed
- `generatePerSessionSandboxId`, `isPerSessionSandboxOrg`, `getSandboxNamespace`
- `deleteSession` routes `ses-` prefixed IDs to `SandboxSmall` namespace

Visual Changes
N/A
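As an added illustration of the routing layer the summary describes (not code from this PR or the project), the TypeScript below validates a sandbox ID against the prefixed and legacy formats before choosing a namespace, so a malformed or attacker-shaped ID is rejected rather than reaching either Durable Object class. It assumes a truncated SHA-256 of the session ID as the `ses-` hash, 16 hex digits for every hash-based prefix, a simplified `__` legacy grammar, and stand-in `Env`/`Namespace` types in place of the wrangler bindings; the `org-` fallback is a constructed stand-in for the real `generateSandboxId`.

```typescript
import { createHash } from "node:crypto";

// Stand-ins for the two Durable Object namespaces bound in wrangler (assumed shape).
interface Namespace { readonly name: string }
interface Env { Sandbox: Namespace; SandboxSmall: Namespace }

// Allowlist of org IDs; constructed sample value, not the project's real list.
export const PER_SESSION_SANDBOX_ORG_IDS: ReadonlySet<string> = new Set(["org_alpha"]);

// Assumed ID grammar: five hash-based prefixes with a 16-hex-digit hash,
// plus legacy `__`-delimited IDs. Validation replaces a guessing transform.
const SANDBOX_ID_RE =
  /^(?:(?:org|usr|bot|ubt|ses)-[0-9a-f]{16}|[A-Za-z0-9-]+__[A-Za-z0-9-]+)$/;
export type SandboxId = string & { readonly __brand: "SandboxId" };

export function isSandboxId(value: string): value is SandboxId {
  return SANDBOX_ID_RE.test(value);
}

export function isPerSessionSandboxOrg(orgId: string | undefined): boolean {
  return orgId !== undefined && PER_SESSION_SANDBOX_ORG_IDS.has(orgId);
}

// Assumed derivation: truncated SHA-256 of the session ID, so the sandbox ID is
// stable across resumes and cold starts but does not expose the raw session ID.
export function generatePerSessionSandboxId(sessionId: string): SandboxId {
  const hash = createHash("sha256").update(sessionId).digest("hex").slice(0, 16);
  return `ses-${hash}` as SandboxId;
}

// Routing layer: a malformed ID is rejected before any namespace is touched,
// and only `ses-` IDs reach the per-session SandboxSmall class.
export function getSandboxNamespace(env: Env, sandboxId: string): Namespace {
  if (!isSandboxId(sandboxId)) throw new Error(`invalid sandbox id: ${sandboxId}`);
  return sandboxId.startsWith("ses-") ? env.SandboxSmall : env.Sandbox;
}

// Pick the sandbox ID for a session: per-session only for allowlisted orgs.
export function sandboxIdForSession(orgId: string | undefined, sessionId: string): SandboxId {
  if (isPerSessionSandboxOrg(orgId)) return generatePerSessionSandboxId(sessionId);
  // Constructed fallback to a shared per-org sandbox; "*" stands in for a missing org.
  const hash = createHash("sha256").update(orgId ?? "*").digest("hex").slice(0, 16);
  return `org-${hash}` as SandboxId;
}
```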